VpnMentor reports that researcher Jeremiah Fowler discovered 13 non-password-protected databases that contained 4.6 million documents, including voter records, ballots, multiple lists, and election-related records. Through his research, Fowler found that the data was owned by Platinum Technology Resource/Platinum Elections Services. Once I was reasonably sure who managed the database, I sent a responsible disclosure notice…
Category: Government Sector
ICO reprimands the Electoral Commission after cyber attack compromises servers
The U.K.’s Information Commissioner’s Office issued the following statement today: We have issued a reprimand to the Electoral Commission after hackers gained access to servers that contained the personal information of approximately 40 million people. In August 2021, hackers successfully accessed the Electoral Commission’s Microsoft Exchange Server by impersonating a user account and exploiting known…
KY: Cyberattack closes Jefferson County Clerk’s Office, all motor vehicle branches
Matthew Keck reports: If you were planning to visit the Jefferson County Clerk’s Office or a motor vehicle branch on Tuesday, you’ll have to reschedule. A cyber attack forced the Jefferson County Clerk’s Office to close its eight branches this week. The attack was first discovered at 2:24 a.m. Monday, said Ashley Tinius, a spokesperson…
Kuwait Court Drops Case Against Notorious Pentagon Hacker
Asharq Al-Awsat reports: The Kuwaiti Court of Cassation upheld on Sunday the dismissal of criminal charges against a notorious Kuwaiti hacker who had infiltrated hundreds of websites around the world, including the US Department of Defense’s (Pentagon) website. The Court of Cassation, the highest judicial authority, affirmed a previous ruling by the Court of Appeals…
Suffolk County cyberattack recovery costs hit $25M; final tab still being tallied
Remember how Suffolk County in New York had decided cyberinsurance was too expensive and how they got hit with a ransomware attack by AlphV in 2022. The county not only had no insurance, but it had no cyberattack recovery plan. Mark Harrington reports another update on that incident: Suffolk County approved more than $25…
‘GhostEmperor’ returns: Mysterious Chinese hacking group spotted for first time in two years
Alexander Martin reports: An elusive and highly covert Chinese hacking group tracked as GhostEmperor — notorious for its sophisticated supply-chain attacks targeting telecommunications and government entities in Southeast Asia — has been spotted for the first time in more than two years. And according to the researchers, the group has gotten even better at evading…